7.2

CVSS3.1

CVE-2024-57728 -

SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Jan. 31, 2025, 9:15 p.m.

9.9

CVSS3.1

CVE-2024-57726 -

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: April 24, 2026, 3:55 a.m.

8.8

CVSS3.1

CVE-2024-57020 -

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: March 18, 2025, 7:15 p.m.

9

CVSS3.1

CVE-2025-23061 -

Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because of an incomplete fix for CVE-2024-53900.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Oct. 31, 2025, 6:56 p.m.

5.5

CVSS3.1

CVE-2024-57841 - net: fix memory leak in tcp_conn_request()

In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in tcp_conn_request() If inet_csk_reqsk_queue_hash_add() return false, tcp_conn_request() will return without free the dst memory, which allocated in af_ops->route_req. Here is the kmemleak stack: unreferen…

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:18 p.m.

3.3

CVSS3.1

CVE-2024-55503 -

An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Jan. 31, 2025, 9:15 p.m.

5.5

CVSS3.1

CVE-2024-57901 - af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vlan_get_protocol_dgram() to not touch skb at all, so that it can be used from many cpus on…

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:18 p.m.

5.5

CVSS3.1

CVE-2024-57902 - af_packet: fix vlan_get_tci() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vlan_get_tci() to not touch skb at all, so that it can be used from many cpus on the same skb. Add a …

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:18 p.m.

7.8

CVSS3.1

CVE-2024-57014 -

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: March 18, 2025, 3:15 p.m.

7.8

CVSS3.1

CVE-2024-57857 - RDMA/siw: Remove direct link to net_device

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to net_device Do not manage a per device direct link to net_device. Rely on associated ib_devices net_device management, not doubling the effort locally. A badly managed local link to net_device was c…

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: May 4, 2025, 10:05 a.m.
Total resulsts: 349182
Page 7114 of 34,919
Β« previous page Β» next page
Filters